id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux
16860,Provide hooks for password policy,PaulM,nobody,"While it is possible to change the validation for new passwords by subclassing the form, I think that Django should provide a more friendly interface for this. We should have a pluggable password authentication framework which enforces no rules by default, but comes with several reasonable example policies which may be enabled.
Problems to be solved include:
* Informing the user of the various password requirements
* Allowing policies to chain together smoothly
* Provide flexibility for complex requirements (some may include their own models)
* Backwards compatibility
* Javascript validation assistance (someday, maybe?)
* HTML5 support (i.e. the pattern attribute)
* Prevent using email, username or other user attributes as (part of) passwords
* Prevent reuse of old passwords",New feature,new,contrib.auth,1.3,Normal,,,cmawebsite@…,Accepted,0,0,0,0,0,0